[
https://issues.apache.org/jira/browse/AXIS2C-1415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bill Blough closed AXIS2C-1415.
-------------------------------
> Buffer overrun in axis2_http_client_recieve_header when receiving a HTTP
> header field larger than 512 bytes in length.
> ----------------------------------------------------------------------------------------------------------------------
>
> Key: AXIS2C-1415
> URL: https://issues.apache.org/jira/browse/AXIS2C-1415
> Project: Axis2-C
> Issue Type: Bug
> Components: transport/http
> Affects Versions: 1.6.0
> Environment: Windows XP SP2, Axis2/C compiled with Visual Studio 2008
> SP1
> Reporter: Nigel Meachen
> Assignee: nadir amra
> Priority: Major
> Fix For: 1.7.0
>
>
> A buffer overrun occurs in axis2_http_client_recieve_header when an HTTP
> header field larger than 512 bytes is received, resulting in stack corruption,
> and in my case causes the client to loop forever.
> In my scenario I was using the Axis2/C 1.6 client to invoke a RESTful service
> using Basic Authentication running on a Websphere 7 environment. Upon
> successful authentication the response HTTP header contains a Set-Cookie
> field totaling 760 bytes.
> I was able to work around this issue by doubling the size of the str_header
> field and modifying the memset reference to use sizeof, avoiding the need to
> modify them in the future if the size changes again. The module at the least
> should keep track of the accumulated header field size to avoid overruns in
> the future, but ideally should dynamically allocate memory to cope with any
> size header field.
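The approach the report recommends, tracking the accumulated header length and growing the buffer on demand, can be sketched as below. This is an added example, not the Axis2/C source or the committed fix; `byte_src`, `src_read_byte`, `read_header_line` and the 64 KiB ceiling are hypothetical, and an in-memory buffer stands in for the socket stream.

```c
#include <stdlib.h>
#include <string.h>

#define HDR_INITIAL_CAP 512          /* the size the report says was exceeded */
#define HDR_MAX_LEN     (64 * 1024)  /* assumed ceiling; longer lines are rejected */

/* Hypothetical stand-in for the transport stream: reads from memory. */
typedef struct { const char *data; size_t len, pos; } byte_src;

static int src_read_byte(byte_src *s, char *out)
{
    if (s->pos >= s->len) return 0;  /* end of input */
    *out = s->data[s->pos++];
    return 1;
}

/* Reads one CRLF-terminated header line into a heap buffer that grows as
 * needed. Returns a NUL-terminated string without the CRLF (caller frees),
 * or NULL on EOF before CRLF, allocation failure, or an oversized line. */
char *read_header_line(byte_src *s, size_t *out_len)
{
    size_t cap = HDR_INITIAL_CAP, len = 0;
    char *buf = malloc(cap), c;
    if (!buf) return NULL;
    while (src_read_byte(s, &c)) {
        if (len + 1 >= cap) {                    /* always keep room for the NUL */
            if (cap >= HDR_MAX_LEN) break;       /* refuse unbounded growth */
            cap = cap * 2 > HDR_MAX_LEN ? HDR_MAX_LEN : cap * 2;
            char *tmp = realloc(buf, cap);
            if (!tmp) break;                     /* buf is still valid, freed below */
            buf = tmp;
        }
        buf[len++] = c;
        if (len >= 2 && buf[len - 2] == '\r' && buf[len - 1] == '\n') {
            buf[len -= 2] = '\0';                /* strip CRLF and terminate */
            if (out_len) *out_len = len;
            return buf;
        }
    }
    free(buf);
    return NULL;
}
```

The length check runs before every write, so the bound follows the buffer's current capacity and there is no separate size constant to keep in sync.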